diff options
| author | KatolaZ <katolaz@freaknet.org> | 2017-07-11 14:38:55 +0100 |
|---|---|---|
| committer | KatolaZ <katolaz@freaknet.org> | 2017-07-11 14:38:55 +0100 |
| commit | 32b09256150d139e77d04533f28d0c26a32b12bd (patch) | |
| tree | 9d5aff595a1af5afee566b433d0466416d4f6691 /notes.txt | |
| parent | 3b752dc02e8ac2048c3dc6efa37145c679502c84 (diff) | |
added notes.txt on the architecture, and a sample worker_config
Diffstat (limited to 'notes.txt')
| -rw-r--r-- | notes.txt | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/notes.txt b/notes.txt new file mode 100644 index 0000000..618fcbf --- /dev/null +++ b/notes.txt @@ -0,0 +1,54 @@ +## structure + +- we read the list of workers from the config file. Each worker + record consists of + + - a list of repos/branches + - a folder where the configs and logs are kept + - a logfile + - a tagfile with the definition of tags + - a list of keyring files + +## master logic + +- in main() (master) we create a worker for each worker record, + maintaining a map of which worker can process commands for which + repo/branch + +- The spooler receives and processes CREATE events from the spool. It + parses each message and forwards it to the corresponding worker(s). + +- When the worker is done, it notifies the master, which will delete + the corresponding file from the spool. + + + +## worker logic + +- Each worker reads a configuration file containing the definition of + the tags it can manage. + +- Each tag is associated to a set of commands (URLs) and to a set of + keyrings. + +- A worker maintains a list of accepted scorsh tags, a map of + keyrings[tags], and a map of commands[tags]. + +When a new scorsh message is received by a worker, it looks through +the commit history for commits containing schorsh-tags. For each +scorsh-tag found, the worker looks if the tag is among the supported +ones, then checks if the commit can be verified by one of the keyrings +associated to the tag. If the set of keyrings for that tag is empty, +the tag is not allowed to run (this is a quick way to disable tags). + +(we might want to add an option to the definition of a scorsh-tag, +which allows to run the commands from unsigned and/or unverified +commits. This would be very dangerous though.) + +Then, if the tag is allowed to run, the worker executes each of the +commands in the tag definition, replacing arguments as needed. If a +command is a script (file://...), then it must also correspon to the +hash specified in the config, otherwise it will not be executed. + +When the worker is finished with all the commands for all the commits, +it will notify the master. |